* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download GM Access Tutorial
Net neutrality law wikipedia , lookup
Computer network wikipedia , lookup
Airborne Networking wikipedia , lookup
Wake-on-LAN wikipedia , lookup
Network tap wikipedia , lookup
Server Message Block wikipedia , lookup
TV Everywhere wikipedia , lookup
Distributed firewall wikipedia , lookup
Wireless security wikipedia , lookup
List of wireless community networks by region wikipedia , lookup
Remote Desktop Services wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
AUDIENCE This document is for the network administrator, engineer or contractor who is responsible for connecting clients to GM ACCESS and/or integrating networks with GM ACCESS. PREREQUISITES This document assumes a basic understanding of Microsoft operating systems, Transmission Control Protocol/Internet Protocol (TCP/IP), and networking. Also, that you have read and understand the GM ACCESS PC and Printer Client Policy in the GM ACCESS PC and Printer Client Policy in the GM ACCESS PDCS Manual. The PDCS Manual can be located at the GM ACCESS web site. PURPOSE Today, the GM ACCESS PDCS Manual provides sufficient information for connecting clients locally to the GM ACCESS server. However, GM ACCESS has found an increasing demand for advanced details about the GM ACCESS network. This document is being provided to assist with connecting clients, clients to multiple Microsoft operating systems and integrating dealer networks with the GM ACCESS network. Configuration Each GM ACCESS installation includes the following network components: One Compaq ProSignia 300 5/150 Model 2100 One 150 MHz Pentium Processor with 256K Level 2 Cache 48 MB ECC RAM Two 10baseT Ethernet network controllers Microsoft Windows NT Server 4.0 Microsoft Internet Information Server Lotus Domino Server One Compaq Netelligent 8 port 10baseT hub The GM ACCESS server performs the following functions: Application server File server FTP server Lotus Notes server Windows NT Primary Domain Controller (PDC) Print server Router Web server Workstation Attached Networks The GM ACCESS server has two 10baseT LAN cards, each of which is connected to two separate network segments. The first card is connected to the GM ACCESS Wide-Area Network (WAN), a.k.a. Pulsat, and is referred to as LAN1. The second card is to an eight port 10baseT hub and is referred to as LAN2. LAN2 is the segment to which the clients are attached. The GM ACCESS wiring standard calls for unshielded twisted pair category five Ethernet cabling. Although the wiring supports higher speeds, the LANs are limited to 10 megabit or 10baseT due to the network device capabilities. Browsing The Windows NT network browser service has been disabled on the GM ACCESS server to reduce traffic on the GM ACCESS wide-area network. Therefore, when mapping drives to the GM ACCESS server, you must input the network path, i.e., \\GMAnnnnn\GM_APPS where GMAnnnnn is the GM ACCESS server’s machine name. IP Addressing GM ACCESS uses a private Class A network 10.0.0.0 subnetted into multiple Class C equivalent networks for all GM ACCESS servers. All GM ACCESS wide-area network host uses registered network addresses. GM ACCESS uses network subnets 10.128.0.0/16 through 10.205.0.0/16. Naming and Resolution Each GM ACCESS server’s domain name and computer name are created using a consistent template. The domain name will always begin GMADOM followed by a five digit GM identifier, i.e., GMADOMnnnnn. The computer name uses the same naming convention without the domain abbreviation, DOM, i.e., GMAnnnnn. PC Clients connect to the GM ACCESS server utilizing Microsoft's "Client for Microsoft Network." This client service uses NetBIOS name resolution. GM ACCESS does not provide Windows Information Name Services (WINS) for NetBIOS name resolution, and it is not needed for locally attached clients. Domain Name Services (DNS) are provided for the entire GM ACCESS network (i.e., server and clients) to resolve both GM Intranet and public Internet domain names. Network Drives GM ACCESS uses three network drives: H, K and T; and they cannot be mapped to different network drive letters. The H: drive is mapped to the userid share (i.e., \\GMAnnnnn\userid) and limits multiple simultaneous access to one user. Therefore, two clients cannot simultaneously connect to this share. The K: drive is mapped to the GM_APPS share (i.e., \\GMAnnnnn\GM_APPS) and allows unlimited simultaneous access. The T: drive is mapped to the STG share (i.e., \\GMAnnnnn\STG), and allows unlimited simultaneous access. This network drive is exclusive to the GM Service Operations Techline client. Protocol Transmission Control Protocol/Internet Protocol (TCP/IP) is the only protocol used by GM ACCESS. Routing The GM ACCESS server functions as a router between the GM ACCESS wide-area network and the GM ACCESS local area network. The Routing Internet Protocol (RIP) service, Version 1, is installed and bound to both network segments attached to the GM ACCESS server. To minimize traffic on the GM ACCESS wide-area network, the RIP service was modified to only update once every 24 hours.Each LAN1 segment is directly connected to the GM ACCESS wide-area network router. Therefore, these networks are automatically known on the GM ACCESS widearea network router. RIP is used to learn the LAN2 network attached to the GM ACCESS server. GM ACCESS server RIP learned routes are not propagated across the GM ACCESS wide-area network. Therefore, traffic originating from these learned routes will only route locally, not within the GM ACCESS wide-area network. The GM ACCESS server has a single default gateway entry, which is to the router/firewall connection at the far side of the GM ACCESS wide-area network. The firewall will discard packets with unknown or unauthorized source or destination IP addresses (i.e., 192.a.b.0), thus ending communications. Network Constraints Client Operating Systems At the time of this publication, Windows 95, Windows 98 and Windows NT Workstation 4.0 are the currently approved client operating systems. GM ACCESS has not approved Windows 98 Second Edition and Windows 2000 Professional operating systems for use with GM ACCESS applications. GM ACCESS applications may perform properly on these operating systems, but GM has not conducted testing to ensure compatibility. Therefore, any use of non-approved operating systems is at the risk of the user. See the GM ACCESS PDCS Manual for a more current listing of the approved client operating systems. Default Gateway The GM ACCESS server has a single default gateway entry, which is to the firewall connection at the far side of the GM ACCESS wide-area network. GM ACCESS does not allow adding a second default gateway to the GM ACCESS server. IP Addressing GM ACCESS recommends that the default LAN2 network addressing be used. However, the local site can request the LAN2 network address to be changed to an opened (per GM ACCESS) private (10.x.x.x/24) network address. This rule is enforced by the GM ACCESS wide-area network firewall, which discards traffic that does not originate from a private (10.x.x.x) network address. NT Trust GM ACCESS does not allow the creation of trust relationships between the GM ACCESS server and a dealer’s Windows NT Server or NT Workstation. Routed Clients The GM ACCESS wide-area network routers only maintain routes for networks directly attached to GM ACCESS servers. For routed clients to access the GM ACCESS wide-area network hosts, GM ACCESS requires the use of Network Address Translation on the local site router. Static Routes GM ACCESS does not allow the addition of static routes on the GM ACCESS server. Connecting Clients Local Clients How to connect a client simultaneously to Multiple NT Domains A client can simultaneously connect to multiple NT Domains (i.e., both the GM ACCESS server and another NT server). GM ACCESS recommends that when multiple NT Domains exist, clients' should first logon to the non-GM ACCESS NT domain, then utilize persistent network drive mappings to access GM ACCESS resources. How this is accomplished varies depending on the client operating system. Windows 95 and Windows 98 Once logged onto an NT Domain, Windows 95 and Windows 98, use the same user ID and password to authenticate when mapping a drive to a different NT server. Therefore, the user ID must be identical on both servers. If the password differs, the user will be prompted to enter one. GM ACCESS does not allow a user to request a specific user ID; therefore, the non-GM ACCESS domain must create a user ID identical to the GM ACCESS user ID. Windows NT Workstation 4.0 and Windows NT Server Once logged onto an NT Domain, Windows NT Workstation 4.0 and Windows NT Server allow the use of a different user ID and password to authenticate when mapping a drive to a different NT server. If the password differs, the user will be prompted to enter one. GM ACCESS recommends that the user ID’s match on both domains for simplicity. How to connect a Windows NT Workstation 4.0 client Windows NT clients can be configured to participate in a workgroup or a domain, which contains its account information. Member of Domain Windows NT client cannot be configured as a member of the GM ACCESS domain. This would require the creation of a trust and computer account on the GM ACCESS server, which is not allowed. When a Windows NT client is configured as a member of a non-GM ACCESS domain, it can connect to the GM ACCESS server using persistent network drive mappings to the GM ACCESS server. Member of Workgroup When a Windows NT client is configured as a member of a workgroup, it can connect to the GM ACCESS server using persistent network drive mappings. Refer to the GM ACCESS PDCS Manual for specific steps and drive mapping details. Remote Clients How to connect a remote client via a bridge Requirements for connecting a client do not change when a bridge is involved. However, GM ACCESS does not recommend the use of bridges due to performance implications. How to connect a remote client via a router GM ACCESS’s requirements for connecting a client do not change when a router is involved. However, there are additional steps that must be taken for a successful connection. If GM ACCESS is the Internet Service Provider (ISP), then the routers’ default gateway must be the GM ACCESS server (i.e., 10.a.b.70) and the clients default gateway is the router. If GM ACCESS is not the ISP, then the routers’ default gateway must be to the ISP and the clients default gateway is the router. The router will also need the following routes added to properly route GM ACCESS application traffic. Destination Mask Gateway Purpose <LAN1> 255.255.255.255 <LAN2> VOM Return traffic 207.37.182.36 255.255.255.255 <LAN2> Primary DNS 207.37.182.30 255.255.255.255 <LAN2> Secondary DNS 207.74.147.240 255.255.255.255 <LAN2> GM ACCESS Home Page 205.239.188.0 255.255.255.0 <LAN2> VOM / SPA / Profit Center 206.120.32.0 255.255.255.0 <LAN2> IDCS Where: <LAN1> = GM ACCESS server connection to the GM ACCESS WAN <LAN2> = GM ACCESS server connection to the GM ACCESS HUB Note 1: The <LAN1> and <LAN2> IP address can be obtained from the GM ACCESS NT server using these steps. · Log on to the GM ACCESS NT server console, not an attached client. · Go to the “Command Prompt” · Type IPCONFIG and press <ENTER> The IP addresses are displayed and can be identified by the address format. LAN1: 10.nnn.1.nnn or 10.20n.nnn.nnn LAN2: 10.nnn.nnn.70 or 10.nnn.nnn.nnn if a non-GM ACCESS address scheme is in use Note 2: GM ACCESS uses the following host addresses within the LAN2 subnet: · .70 for the GM ACCESS Server (a.k.a., routers default gateway) · .1 for the GM ACCESS Hub · .51-.60 for the Techline device(s) · .101-.150 GM ACCESS Clients Adding these routes to the router will enable GM ACCESS application traffic to properly route to GM. For GM to reply to the client, the router must be using Network Address Translation (NAT) on the interface attached to the GM ACCESS server. This enables client traffic to appear as if it originated from the GM ACCESS server’s LAN2 subnet, not a remote/routed subnet. GM ACCESS recommends when configuring NAT, all clients be routed and a subset of the recommended client address range be used to create the NAT pool (e.g., 10.a.b.110 - 10.a.b.150). This will simplify the NAT configuration and it isolates the GM ACCESS network from the remote network. A Network Address Translation configuration example is located in Appendix A. Routed clients also require local NetBIOS name resolution services (i.e., WINS or LMHOSTS. file) to properly resolve the GM ACCESS NT Server domain and machine names. A LMHOST. file example can be found in Appendix B. If GM ACCESS is not the ISP, then a local DNS solution is required (i.e., DNS Forwarder or HOSTS. file) to be able to resolve GM ACCESS Intranet domains. A HOST. file example can be found in Appendix C. If a local DNS is available, it should be configured to forward all DNS queries for the GM ACCESS Intranet domains to the GM ACCESS DNS servers for resolution. This would eliminate the need for the HOSTS. file entry. GM ACCESS Root-Level Domains – GMACCESS.COM Appendix A - Network Address Translation Configuration Example Cisco Dynamic Inside Source Translation Configuration version 11.2 ! ip nat pool GMAccess 10.a.b.110 10.a.b.150 netmask 255.255.255.0 ip nat inside source list 1 pool GMAccess ! interface Ethernet0 description GM ACCESS LAN Segment ip address 10.a.b.101 255.255.255.0 ip nat outside ! interface Ethernet1 description Dealer Lan Segment ip address 192.1.1.1 255.255.255.0 ip nat inside ! no ip classless ip route 0.0.0.0 0.0.0.0 10.a.b.70 access-list 1 permit 192.1.1.0 0.0.0.255 ! end Appendix B - NetBIOS Name Resolution Example – LMHOSTS. File The LMHOSTS. File is used by Windows to resolve NetBIOS names to IP addresses and is used in lieu of WINS. The default file location is listed below with a GM ACCESS entry example. Note that the file does not have an extension. Also located in the same directory is a sample file, LMHOSTS.SAM. This file will not work for NetBIOS name resolution due to the .SAM extension. In order for the GM ACCESS entry example to work, you must substitute the 10.a.b.70 with local GM ACCESS servers LAN 2 IP address and the nnnnn with the GM ACCESS servers machine name numeric identifier. Windows 9x C:\Windows\LMHOSTS. Windows NT C:\WinNT\System32\drivers\etc\LMHOSTS. GM ACCESS LMHOSTS. file entry example: 10.a.b.70 GMAnnnnn #PRE #DOM:GMADOMnnnnn Appendix C – Domain Name Resolution Example – HOSTS. File The HOSTS. File is used by Windows to resolve domain names to IP addresses and is used in lieu of DNS. The default file location is listed below with a GM ACCESS entry example. Note that the file does not have an extension. Also located in the same directory is a sample file, HOSTS.SAM. This file will not work for domain name resolution due to the .SAM extension. Windows 9x C:\Windows\HOSTS. Windows NT C:\WinNT\System32\drivers\etc\HOSTS. GM ACCESS HOSTS. file entry example: 205.239.188.11 VOM.gmaccess.com